Re: [ipw3945-devel] [PATCH 1/5] mac80211: allows driver to request a Phase 2 key

On Mon, Mar 17, 2008 at 11:58 AM, Johannes Berg
<johannes@xxxxxxxxxxxxxxxx> wrote:
>
>  > >  Also, looking at what you do here, I found this comment:
>  > >         /* FIXME: need to differenciate between static and dynamic key
>  > >          * in the level of mac80211 */
>  > >         static_key = !iwl4965_is_associated(priv);
>  > >
>  > >  I think that is pretty bogus because there isn't really a distinction
>  > >  between dynamic and static keys, what's the reason for differentiating
>  > >  in the driver? Also, the driver will do rather odd things when
>  > >   * associate
>  > >   * set a key
>  > >   * disassociate
>  > >   * delete the key
>  > >
>  >
>  > This is actually quite a bug in mac80211. There is substantial
>  > difference between dynamic and static key.
>  > While static key  is used for crypto of all stations in BSS. Dynamic
>  > key is also called pairwise key and is generated for 'pair'
>
>  Gee, can you then please stick to terminology used in the spec so other
>  people can understand it?

What spec? ieee80211i, WPA, WPA2?

>
>  > Currently mac80211 sets the static key with the broadcast address, which is
>  > wrong because the driver cannot distinguish whether this key is a
>  > multicast/broadcast dynamic key or a static key. Shall it use it for
>  > all traffic or only for mcast/bcast? Who can tell?
>
>  Actually, you're making it look like a much larger problem than it is.
>  If you assume anything WEP is a "static key" and everything else is a
>  "dynamic key" (using your terminology), the only problem will be with
>  dynamic WEP, and even then it's not really a problem because as far as I
>  understand even dynamic WEP doesn't distinguish between group and
>  pairwise keys.

This is incorrect. WPA enables using WEP as a dynamic key, and this
setting is very common.
The WEP key is enabled for legacy stations; this also forces broadcast to be
WEP. This setup is still quite common.


>
>  > Another difference: while there can be 4 static keys installed at the
>  > same time, possibly switching between indexes, there can be only one
>  > dynamic key per station, if you also consider the mcast/bcast station to be
>  > an entity. (TKIP actually uses a different key index for bcast, but
>  > that's just a little exception.)
>  > The terminology which is used is also wrong, and I guess this is just
>  > a wrong interpretation of the old implementation - 'default key' is used
>  > for the static key. 'Key mapping key' is used for dynamic keys.
>
>  I don't think I understand the last paragraph?

Nothing important, just that the term 'default key' is usually used only in
the context of a static/legacy WEP key,
while the term 'key mapping key' is used for what I call a dynamic key.

>
>  In any case, actual TX key selection is done by mac80211 anyway, so
>  you're never interested in that. Only RX key selection is interesting to
>  the driver, and as far as I can tell it ought to work if you simply
>  always use the broadcast address key when it's WEP, and otherwise the
>  pairwise keys and/or the broadcast key for bc/mc frames.

Nothing to add, just that the assumption about WEP and broadcast is wrong.

>  Note that there's another case in AP mode where bc/mc keys are TX-only,
>  those are added with a zeroed MAC address.

In this case I would also prefer a clear flag rather than playing with
the ambiguity of the destination address.

>  johannes
>